Remarks 

Claims 9, 12-13, 17-20, and 22-23 are amended. No claims are canceled, 
while claim 33 has been added. Claims 9-14, 17-23, and 33 are thus pending. In 
view of the foregoing amendments and the following remarks, Applicant 
respectfully requests that the Office issue a Notice of Allowance for the subject 
applicaiton. 

Expectation that any Subsequent Action Maintain Non-Finality 

For at least the reasons discussed below in regards to new claim 33 (under the 

section entitled "New Claim"), Applicant respectfully submits that any subsequent 
Office Action other than a Notice of Allowance should remain Non-Final. See 37 
CFR §1.113, MPEP §706.07(a). 

§103 Rejections 

Claims 9-11, 13-14, 17-19, and 22 stand rejected under 35 U.S.C. §103(a) as 
being unpatentable over Botz in view of Kao. 

Claims 12, 20, and 23 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Botz in view of Kao in further view of U.S. Patent Pub. No. 
2004/0139355 to Axel et al. (hereinafter, "Axel"). 

Applicant respectfully traverses the rejections. Nevertheless, Applicant has 
amended each of the independent claims for the sole purpose of advancing 
prosecution and without conceding the propriety of the Office's rejections. 

Claim 9, as amended, recites a method comprising (added language 
emphasized): 

• receiving a credential from a user at an input device in 
conmiunication with a local machine having a native operating 
system (OS), the local machine capable of being in 
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communication with a plurality of different input devices each 
configured to enable the user to log on with the native OS to 
access the local machine; 

• translating the credential with one of a plurality of different 
coexisting credential provider modules for translating 
respectively different tfpes of credentials into a common 
credential protocol, the common credential protocol being 
compatible with the native OS of the local machine, and the 
plurality of different coexisting credential provider modules also 
enabling the user to log on with the native OS to access the local 
machine with each corresponding different input device that is in 
communication with local machine; 

• communicating the translated credential having the common 
credential protocol through a credential provider Application 
Program Interface (API) to a logon user interface (UI) routine 
of the native OS, wherein the credential provider API is 
configured to interface with each of the plurality of different 
coexisting credential provider modules; 

• passing the translated credential having the common credential 
protocol to a logon routine of the native OS from the logon UI 
routine; 

• calling the logon routine for the native OS to authenticate the 
translated credential having the common credential protocol 
against a credential database; and 

• logging the user on with the native OS to access the local 
machine when the authentication is successful. 



Applicant respectfully submits that the combination of Botz and Kao fails 
to teach or suggest Applicant's amended claim 9. For instance, and as discussed 
during the afore-mentioned interview. Applicant respectfully submits that the 
combination at least fails to teach or suggest the added language of Applicant's 
claim, emphasized above. During the interview, Appliceint understood the Office 
to tentatively agree, although the Office also indicated that further analysis of the 
references and an updated search would be necessary. Applicant once again 
thanks the Office for its insight. 

For at least these reasons, this claim stands allowable. 
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Claims 10-14 depend from claim 9 and, by virtue of this dependency, the 
above comments directed to claim 9 apply equally to these claims. Moreover, 
these claims recite features that, when taken together with those of claim 9, define 
methods not disclosed, taught, or suggested by the references of record, either 
singly or in combination with one another. Applicant notes that while Axel is also 
used in making a rejection of dependent claim 12, this reference also fails to teach 
the added language of independent claim 9, emphasized above. 

Claim 17 recites a method comprising: 

• receiving a credential from a user at an input device in 
communication with a local machine having a native operating 
system (OS), the local machine capable of being in 
communication with a plurality of different input devices, each 
capable of receiving a credential from the user to enable the user 
to log on to access the local machine with the native OS; 

• translating the credential with a credential provider module that 
corresponds to the input device, wherein: 

o the credential provider module is one of a plurality of 
coexisting different said credential provider modules; and 

o each said credential provider module can perform a 
translation of a respectively different type of said 
credential received at a different said input device in 
conununication with the local machine; and 

o each said translation of each said credential is in a 
common credential protocol, the common credential 
protocol being compatible with the native OS of the local 
machine; 

• communicating the translated credential having the common 
credential protocol through a credential provider interface to a 
logon user interface (UI) routine of the native OS, wherein the 
credential provider interface is configured to interface with each 
of the plurality of coexisting different said credential provider 
modules; 

• passing the translated credential having the common credential 
protocol to a logon routine of the native OS from the logon UI 

routine; 

• authenticating the translated credential against a credential 
database with the logon routine of the native OS; and 

• logging the user on to access the local machine with the native 
OS when the authentication is successful. 
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In making out a rejection of this claim, the Office uses reasoning similar to 
that used in regards to claim 9. Therefore, for at least reasons similar to those 
discussed above in regards to claim 9, Applicant respectfully submits that the 
combination of Botz and Kao fail teach or suggest independent claim 17. For 
instance, Applicant respectfully submits that the combination at least fails to teach 
or suggest the added elements of this claim. During the afore-mentioned 
interview, Applicant understood the Office to tentatively agree, although the 
Office also indicated that further analysis of the references and an updated search 
would be necessary. Applicant once again thanks the Office for its insight. 

For at least these reasons, this claim stands allowable. 

Claims 18-21 depend from claim 17 and, by virtue of this dependency, the 
above comments directed to claim 17 apply equally to these claims. Moreover, 
these claims recite features that, when taken together with those of claim 17, 
define methods not disclosed, taught, or suggested by the references of record, 
either singly or in combination with one another. Applicant notes that while Axel 
is also used in making a rejection of dependent claim 20, this reference also fails 
to teach the added language of independent claim 17. 

Claim 22 recites a computer-readable medium comprising a credential 
provider module including instructions that, when executed by a local machine 
having a native operating system (OS), receive and translate a credential into a 
credential protocol so as to be compatible for authentication by an authentication 
component of the native OS against a credential database for logging a user 
identified by the credential on with the native OS to access the local machine 
when the authentication is successful, wherein: 

• the translated credential is received via a credential provider 
Application Programming Interface (API) of the authentication 
component of the native OS; 
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• the credential provider API of the authentication component of 
the native OS is compatible for receiving each of a plurality of 
said credentials from a corresponding plurality of different 
coexisting credential provider modules; and 

• each said different coexisting credential provider module can: 

o receive a respective different type of said credential from 
a respective input device, each respective input device 
capable of coupling to the local machine and enabling the 
user to log on with the native OS to access the local 
machine; and 

o translate each said different type of said credential into the 
credential protocol so as to be compatible for 
authentication by the authentication component of the 
native OS against the credential database. 

In making out a rejection of this claim, the Office uses reasoning similar to 
that used in regards to claim 9. Therefore, for at least reasons similar to those 
discussed above in regards to claim 9, Applicant respectfully submits that the 
combination of Botz and Kao fail teach or suggest independent claim 22. For 
instance, Applicant respectfully submits that the combination at least fails to teach 
or suggest the added elements of this claim. During the afore-mentioned 
interview, Applicant understood the Office to tentatively agree, although the 
Office also indicated that fiirther analysis of the references and an updated search 
would be necessary. Applicant once again thanks the Office for its insight. 

For at least these reasons, this claim stands allowable. 

Claim 23 depends from claim 22 and, by virtue of this dependency, the 
above comments directed to claim 22 apply equally to these claims. Moreover, 
these claims recite features that, when taken together with those of claim 22, 
define methods not disclosed, taught, or suggested by the references of record, 
either singly or in combination with one another. Applicant notes that while Axel 
is also used in making a rejection of dependent claim 23, this reference also fails 
to teach the added language of independent claim 22. 
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New Claim 



Applicant has added new claim 33, which recites subject matter identical to 
that previously found in dependent claim 10 (and its corresponding independent 
claim, claim 9). 

Claim 33 recites a method comprising (emphasis added): 

• receiving a credential from a user at an input device in 
communication with a local machine having an OS, the local 
machine capable of being in communication with a plurality of 
different input devices each configured to enable the user to log 
on with the OS to access the local machine; 

• translating the credential with one of a plurality of different 
coexisting credential provider modules for translating 
respectively different types of credentials into a common 
credential protocol, the plurality of different coexisting credential 
provider modules also enabling the user to log on with the OS to 
access the local machine with each corresponding different input 
device that is in communication with local machine; 

• using a component of the OS to authenticate the translated 
credential having the common credential protocol against a 
credential database; and 

• logging the user on with the OS to access the local machine when 
the authentication is successful, wherein the logging of the user 
on further comprises logging the user on to the local machine 
after a plurality of said credentials have been received, 
translated by a respective said different coexisting credential 
provider module, and authenticated successfully. 

In making out a rejection of claims 9 and 10 (the claims to which new 
claim 33 corresponds), the Office stated that these claims were obvious over the 
combination of Botz and Kao. In regards to claim 10, whose subject matter is 
emphasized directly above, the Office stated the following: 

Regarding Claim 10, the combination of Botz in view of Kao discloses a method, 
wherein the logging of the user on further comprises logging the user on to the local 
machine after a plurality of said credentials have been received, translated by a 
respective said different coexisting credential provider rriodule, and authenticated 
successfully (Page 7, [0094], lines 6 - 10. Botz'). 
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* Wherein the step of using the policy information, ihduding trust policy and initial authentication, to 
signing the user on (Page 7, [0094]. lines 1 - 6. Botz) corresponds to the step of logging the user 
claimed. In addition, Botz discloses the use of a plurality of credentials as claimed (Page 7. [0101], lines 3 
-14, Botz). 



Office Action of 07/11/2007, p. 6. 



Applicant respectfully but strongly disagrees with the Office's rejection of 
this subject matter. Specifically, Applicant respectfully submits that the Office 
fails to show how the references of record teach or suggest "logging the user on to 
the local machine after a plurality of said credentials have been received, 
translated by a respective said different coexisting credential provider module, 
and authenticated successfully", as recited in Applicant's claim 33. 

For support, Applicant reproduces the cited portions of Botz and explains 
why these cited portions fail to teach or suggest this element. The first cited 
passage of Botz is reproduced below. 



[0094] Next, the AIT domain conirolkr accesses policy 
inl'ormatioii about both the request server and the initial 
authentication server. In one embodiment, the trust policy 
for the user, the request server, tlie initial authemication 
server and trust domain is assumed to be available to the 
controller. In ihLs embodiment, the domain controller uses 
the trust policy to determine whether the user sign-on or 
transaction request is to be considered authenticated or not, 
and an appropriate return code Ls generated based on this 
consideration. 



Botz, paragraph [0094]. 



Applicant respectfiilly submits that this paragraph of Botz entirely fails to 
relate to receiving, translating, and successfully authentication "a plurality of 
credentials". As evidenced by the Office's footnote reproduced above, however, it 
appears that the Office agrees. That is, in the footnote, the Office states that "Botz 
discloses the use of a plurality of credentials as claimed (Page 7, [0101], lines 3- 
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14, Botz)." Ojfice Action of 07/11/2007, p. 6. Applicant therefore reproduces this 
second cited passage, as well as the passage introducing the cited passage, below: 



[0098] In this example, the identity translation token 800 
contains the following information: 



[0101] A method of authentication used 80d. 
Examples of sjiecific authentication methods 
include; Kerberos, including Kerberos Realm name; 
Digital Certificate, including Public Key Infrastnic- 
ture (PKl) trust chain; an operating system identifi- 
cation and authentication service, e.g., lUM's z,'(.)S 
system's Resource Access Control Faciliiy (RACF) 
U&er-ID and Password or RACF including RACF 
Realm Name and how the user was authenticated to 
RACF, e.g., by PKI, Kerberos, or basic authentica- 
tion using user id and passwortl or PassTicket; and 
l.DAP, including 1. DAP server name and an authen- 
tication method accepted by I.DAP (list similar lo 
RACF list). 

Botz, paragraph [0101]. 



As paragraph [0098] makes clear, cited paragraph [0101] describes 
information that may be contained with a franslation token of Botz. As paragraph 
[0101] states, this information may include a method of authentication used to 
sign on to a Botz server. Paragraph [0101] then lists exemplary methods of 
authentication may have been used (Kerberos, Digital Certificate, etc.). This 
paragraph, however, entirely fails to discuss signing on with use of a plurality of 
credentials. Listead, the cited passage at most implies an identification of the 
single method of authentication used. In fact. Fig. 8A of Botz, which corresponds 
to the discussion of paragraphs [0098] and [0101], further corroborates this point 
and is reproduced below. 
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800 

IDENTITY OF INITIAL AUTHENTICATION SERVER Yz^802 



USER IDENTITY -^804 



METHOD OF AUTHENTICATION -^806 

-^808 



TIME - STAMP 



-^810 



fig. 8A 



Botz, Fig. 8A. 



As this figure illustrates, token 800 includes an identification 806 of a (i.e., 
singular) method of authentication used. Again, Applicant respectfully submits 
that nowhere has Botz been shown to teach or suggest the use of a plurality of 
authentication methods in order to allow a user to sign on to a Botz server. 
Instead, Botz at most has been shown to teach the use of a single authentication 
method, which directly teaches away from the use of multiple such methods. As 
such. Applicant respectfully submits that the Office fails to show how the cited 
references teach or suggest "logging the user on to the local machine after a 
plurality of said credentials have been received, translated by a respective said 
different coexisting credential provider module, and authenticated successfully", 
as recited in Applicant's claim 33. Again, this claim element is simply missing 
from the Office's citations. 

For at least this reason, this claim stands allowable. 

Additionally, and as note above. Applicant respectfiiUy submits that claim 
33 recites the subject matter previously recited in claim 10 (and its base claim). 
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As such, Applicant respectfully submits that any subsequent Action issued by the 
Office (other than a Notice of Allowance) should remain Non-Final. 

Conclusion 

Applicant respectfully submits that all of the claims are in condition for 
allowance. Accordingly, Applicant requests a Notice of Allowability be issued 
forthwith. If the Office's next anticipated action is to be anything other than 
issuance of a Notice of Allowability, Applicant respectfully requests a telephone 
call for the purpose of scheduling an interview. 



Respectfully submitted, 




Reg. No. 58,970 
(509) 324-9256 ext 265 
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